Azure Kubernetes Fleet

Managing hundreds or thousands of Azure Kubernetes Service (AKS) clusters can quickly become complex. This guide explores why you should adopt a multicluster pattern—and how to implement it on Azure using both community and enterprise solutions.

Why Use a Multicluster Architecture?

Single Kubernetes clusters can handle multiple workloads via namespaces and pods. However, large-scale or regulated deployments often require more:

| Requirement | Description |
| --- | --- |
| Multi-tenancy | Isolate resources across teams or customers |
| High availability | Distribute workloads for regional failover and resilience |
| Regulatory compliance | Ensure data sovereignty and meet industry-specific rules |
| Scalability limits | Scale beyond single-cluster node and pod count restrictions |


When to Choose Multicluster

Multicluster setups introduce operational overhead. Evaluate your tenancy, compliance, and scale requirements before proceeding.

Compliance alone can justify the additional complexity—for example, U.S. state-level regulations might require separate AKS clusters per jurisdiction. When application demands exceed single-cluster limits, a fleet of clusters becomes essential.


Open-Source Multicluster Solutions

Several community-driven projects enable cross-cluster orchestration:

Kubernetes Cluster Federation (KubeFed)

KubeFed provides federated APIs to coordinate resources across multiple Kubernetes clusters.

kubectl apply -f federated_resource.yml

Version history:

  • v1: Deprecated
  • v2: Archived

Deprecated Solution

KubeFed v2 is no longer actively developed. Consider alternative projects for production use.

Open Cluster Management (OCM)

OCM by Red Hat implements a hub-and-spoke control plane:

  • Hub cluster: Central management plane
  • Spoke clusters: Agents (klusterlet) register and enforce policies

The image is a diagram explaining Open Cluster Management (OCM), showing components like the Hub Cluster, Managed Clusters, and various agents and add-ons. It highlights features such as modularity, integration with OpenShift, and Argo CD.

Key OCM features:

  • Cluster registration and discovery
  • Placement, scheduling, and policy enforcement

Karmada

Karmada introduces a separate control plane with its own API server and scheduler.

The image is a diagram of the Karmada architecture, showing its control plane with components like Kubernetes APIs, Karmada API-server, and various controllers managing clusters across public, private, and edge clouds.

Highlights:

  • Dedicated Karmada API server
  • Workload controllers sync across clusters
  • Requires agent deployment in each member cluster

Enterprise Multicluster Management with Azure Kubernetes Fleet Manager

Azure Kubernetes Fleet Manager offers a managed service for AKS fleet operations at scale:

  • Centralized cluster inventory and bulk operations
  • Automated provisioning, upgrades, and configuration
  • Policy-driven workload placement and governance
  • Integrated north-south load balancing across regions

Azure Subscription Required

You need an Azure subscription with the required permissions to create and manage fleet resources.

Example: Placing a Namespace Across Clusters

Define a ClusterResourcePlacement resource to deploy a namespace to clusters in eastus:

apiVersion: fleet.azure.com/v1alpha1
kind: ClusterResourcePlacement
metadata:
  name: demo
spec:
  resourceSelectors:
    - group: ""          # empty string = core API group, where Namespace lives
      version: v1
      kind: Namespace
      name: demo
  policy:
    affinity:
      clusterAffinity:
        clusterSelectorTerms:
          - labelSelector:
              matchLabels:
                fleet.azure.com/location: eastus
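
Because the placement policy decides which clusters receive the namespace, it is worth evaluating it against the regions a workload is allowed in before applying it. The following is an added example, not code from the original page or the Fleet project: it evaluates the matchLabels terms over a constructed cluster inventory. The cluster names, the inventory, the allow-list and the treatment of a placement without selector terms as "all member clusters" are assumptions, and only matchLabels is handled.

```python
# Added example: pre-apply region check for a ClusterResourcePlacement.
# The inventory and allow-list are constructed sample data.
LOCATION_LABEL = "fleet.azure.com/location"

# Mirrors the manifest above (only the fields this check reads).
PLACEMENT = {
    "metadata": {"name": "demo"},
    "spec": {"policy": {"affinity": {"clusterAffinity": {"clusterSelectorTerms": [
        {"labelSelector": {"matchLabels": {LOCATION_LABEL: "eastus"}}},
    ]}}}},
}

# Constructed member-cluster inventory: cluster name -> labels.
CLUSTERS = {
    "aks-east-1": {LOCATION_LABEL: "eastus", "env": "prod"},
    "aks-east-2": {LOCATION_LABEL: "eastus", "env": "test"},
    "aks-west-1": {LOCATION_LABEL: "westeurope", "env": "prod"},
}

def selector_terms(placement):
    """Return clusterSelectorTerms, or [] when nothing narrows the placement."""
    policy = placement.get("spec", {}).get("policy") or {}
    affinity = (policy.get("affinity") or {}).get("clusterAffinity") or {}
    return affinity.get("clusterSelectorTerms") or []

def term_matches(term, labels):
    """Every matchLabels pair in one term must be present on the cluster (AND)."""
    wanted = (term.get("labelSelector") or {}).get("matchLabels") or {}
    return all(labels.get(key) == value for key, value in wanted.items())

def selected_clusters(placement, clusters):
    """Clusters matched by at least one selector term (terms are ORed)."""
    terms = selector_terms(placement)
    if not terms:
        # Assumption: no selector terms means every member cluster is a target.
        return sorted(clusters)
    return sorted(n for n, lbl in clusters.items() if any(term_matches(t, lbl) for t in terms))

def region_violations(placement, clusters, allowed_regions):
    """Clusters the placement would reach that sit outside the allowed regions."""
    return [name for name in selected_clusters(placement, clusters)
            if clusters[name].get(LOCATION_LABEL) not in allowed_regions]

if __name__ == "__main__":
    print("selected:", selected_clusters(PLACEMENT, CLUSTERS))
    print("violations:", region_violations(PLACEMENT, CLUSTERS, {"eastus"}))
```

The case to watch is a placement whose policy block is missing or empty: the check then reports every cluster outside the allow-list instead of passing silently.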

Example: Creating a MultiClusterService

Import a service across your fleet using a MultiClusterService resource:

apiVersion: networking.fleet.azure.com/v1alpha1
kind: MultiClusterService
metadata:
  name: demo
  namespace: demo
spec:
  serviceImport:
    name: demo

Fleet Manager Features

| Feature | Description |
| --- | --- |
| Bulk operations | Apply changes across dozens or hundreds of clusters simultaneously |
| Automated lifecycle | Self-service cluster provisioning and version upgrades |
| Policy enforcement | Define and enforce policies (e.g., Kubernetes version, pod limits) |
| Update orchestration | Stage rollouts (test → prod) with update waves |

You can orchestrate rollouts in phases (e.g., test, staging, prod) by grouping clusters into waves:

The image is a flowchart illustrating a multi-cluster update process, divided into "test" and "prod" stages, with clusters grouped and updated sequentially.

This approach ensures consistent, safe updates across your entire AKS fleet.

